Live chat

Chargify is Secure Billing
Software

At Chargify, security is of paramount importance in every action and decision we make. Remaining constantly vigilant, we continually improve and extend the security of our application and the protection of the data entrusted to us.

Chargify is a PCI Service Provider Level 1

We are audited each year by a PCI-certified Qualified Security Assessor to ensure that we have established and maintain the appropriate security practices prescribed by the Payment Card Industry Data Security Standard for a service handling sensitive payment cardholder data.

Download Chargify's compliance validation.

Enforced standardized SSL encryption for all communication

We go to great lengths to keep your data safe and secure. You should never log in to Chargify over an unencrypted connection and you should never communicate with the Chargify application or API without using an HTTPS URL.

Persistent protection and safety scanning

We are continually evaluating our security and looking for ways to improve. We undertake the following tasks on a regular basis:

  • Scan both our internal and external networks to ensure that we have secured against known vulnerabilities.
  • Audit our codebase for possible security flaws.
  • Patch third-party software and services as vulnerabilities are found and fixed.
  • Subject our application to “penetration testing” by skilled and ethical “hackers.”

Full disclosure

If you believe you have discovered a potential flaw in any area of our security measures, we ask that you share the infomation with us first!  We ask you to retain secrecy of your findings until we have remediated the issue.  Once the flaw has been fixed, you are free to disclose your results as you see fit.

The Chargify disclosure program is managed through Bugcrowd. To see the terms of the program and participate, go to Bugcrowd and sign up as a tester. You will need to accept the Chargify terms of service to engage in testing. If you have identified a vulnerability, please report it via Bugcrowd to be eligible for a reward.

PGP Key

We provide a PGP key to encrypt sensitive communication that you send to us:

  • Key ID: DE9F1F1E
  • Key type: RSA
  • Key size: 4096
  • User ID: security@chargify.com
  • Fingerprint: E4D5 C8FC 775F A9AD EC61 53D4 234A 4FF5 DE9F 1F1E
  • Expires: : 2017-07-18

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1

mQINBFeM62IBEAC06p82UUd2OXswmKfV6Ngls1LMw/bKPwydGCxgp0m4mDb07UgR
53qJ/BWb8+RIgvWyBmEmfM1dX42Ex6DfPRL4IdWUY2hvqEXfgZwT6PaY8BMun+Ww
FwGnmsEkAXYx8xeOVE/TMo8Fr8kxYiWmGVG3EpOlmOOGIy4quwd1zoiK3YzofCUr
lt6yglzSynP3f5JZUMm+SQKcthnOJgPt6TAZJaqwW3Lce/adyed2iwd1RqWF98Ev
nvTLUYtBnuacEkUMQT1Of2wLKcN2bVkVWs2gJvTA0hN5RgJHyBkszUTH/N4MPK7h
m+4gA67NniXe29yjClxVLG/x8AFdy4o5DfR1ifVnZ111dPnE9iDWFGHOg8wpi32F
TQY6sZ9UOq+gQZxKxjtoQObJLXOrU9QJc5qWVwgYKo/sQRryknTOq/Dyg6RXhUmI
j85xdBN36IZh/xJr0I67mN2ofIKqTWWFV8Pe+YYaeItTXE2IiuGMSXNrP+JimjM7
9abTVUeZSxO6mOew/QwZoIUuVRQze1Zv+L4DMPFsT4AMRsbNf9qvdRHLmdJa0aAQ
3pyZXrAOQhMPgy6vtXCR0Q7AkpLqyK+yVjS2SlPXJHf4ArHVu1FqBwbc5zMIMERU
7SzuEw4uM4dBNKK4u7P/wYbZ1v9Oaf3PsLrQ6VdbJpjoBXi8u7uWAH3aVwARAQAB
tClDaGFyZ2lmeSBTZWN1cml0eSA8c2VjdXJpdHlAY2hhcmdpZnkuY29tPokCPgQT
AQIAKAUCV4zrYgIbAwUJAeEzgAYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQ
I0pP9d6fHx67mA/+NIyntYzW7OFj44g484Ue1Sdx6riFm+8S1BaAXibc9lpd/yqx
koujZg5RCbogBD0mdSWXKZj4E+ejPwKIgf74+Rfoy1u/MrEFrQPa1pGwE5IBHSWj
giNXb3fuHKyKbDtK6m8wRmuMXG0UBYzAxlXIfi/agkGkDONMmMV/vvJTmq2G+JPw
432chF0ikUUF1JzRLxfSbnVW+TktvUY3MeiEb5pQo9SF5EjtB4fxYNU/fNfWqTS0
6ogIWeUSzraK+Xt7Fo793I2Ju0JrqiTfGJ8vQIsg/i+WA9HsqqoVXYigH5mtuZHM
CrJWOS1bPrerCsP6B72PnVyZELiezipTsljW4NEtHDfIYXCOkQrFPRddWwCXS/J5
jPki7A0rEf1TCT0t5en52yPRknel5UOLLHqVFUzP5kgyoZCACuceWvy+BuH+UiyM
2BNKKr+C87cGkQ254sAEKaDFrR+E/XwGyBLtovW5/yna3Lpw/nMrnY6RgmGbidze
PwY3KVFP4o8syMZif9Mny0MU9t3OGc8tN8J+MIEsOz0tglrjjD7J8X1t7vndeDvh
jGirHwghFNbZbpJJCP62s8S3prWzWhjy4SvxZiv7Pp+mgPgDPP518CuzxWBz0wDl
OwVhHQSyc6zsHn/6L15g1c+8jMJGjhCxNsFDJh84InSTUYbB2NaqdGQRKtu5Ag0E
V4zrYgEQAOVrtste/nRNXt1AROZ4+RIqPblYe5/vk1DmYN65o4/FCj1D3sn8q/YA
fe2fPIfbsIbyg/kwbZm14BbgtVURNVVU27s6v47LGmiXKIlXqSCSWkjAg9zXyfaJ
Mn5+LNDVhIc+uONLnM2S8vbu3TVaq0b49Ix6u8VsFO1SDVqBnA434MqJIG4wzbHp
tKVArUgtnLDNP3pI83YOsX+2H2Jevh/HC8SOR3/+rlb90UiXA85bp6oDjOmmrGuo
7bV+QGFLEJcQDkk2+PsrbRv1CWPU/sBCn0NQYokS4triXv1g6+HCHfiGpRmKwWU5
1n7d/PLQMPS8QuaNbuQXhbQQLt5rddbKNRwCgCIb64K6u0R1sdNaytX8bVrd9Ri5
L1UTMS6x07Kk745zwXgV/u/ihbh3nw9qdm40eNrXRvVgBYVGWlXEH0z6tkUpvIFY
EoJ9y2mu0u+anJT4FpbpenVm58wv2YMqdsToj1YGY5T5WX6ySRftuiTXa6ZzwIIb
vZ84XSLcHenYB35Jl9NfE30rKEG6xTNmGe5hVh2MwMK//ea7o6J2vtMBLG9IELNd
qyuRYYsonuHG5SuIH0FWqih8cohMHVuc0bXf6/ymTzGE7Nz+9u6htA/OxdWr+7vt
Rb/ZvSxkEm3ePb0/KnFoU2oCaFtPxfSS+sA/aL976S9o/iYAwqSDABEBAAGJAiUE
GAECAA8FAleM62ICGwwFCQHhM4AACgkQI0pP9d6fHx7DexAAlhA2sjsMtfcGWxJR
IZcQTow1/1o4BO4tUPBBa5AQ9brOlMoQI8PeJxsH8DE4zw/yyNTZcBd9YRlHIbsp
v5nMrOFSYMeqBBcF0uCmsTSS4kU7wBF29Das4YbQo2puuacU+TUfqrZxG03ZsC7O
sf1Nn8s3iopzDzJODhjomcpSRCvMqLf7BxaT33yosFu2P2oA51OKzXbxYVYy1yik
dAa0WOwCZVsjKYc3e3g8iAGGRE+hTPWXq/Lkza5UhtceTMiOSRIZjJEFbc3p5g1h
VfTLorj95JvIxsCGr1EZO9gWOjB+iJa/EawB71x2rjntgXahS0M32XeACSzP7Igw
X3B/FPuGuep0vOtBrbWaIWq4XVPHtcOZ9TjzzugwOOxI/LUSfi/rukXCPwJg2Z5H
WdsYa8a3/mburhQtn2JFBtqNrr6fE8uc5vij9PgTYGn7ThnFWeqzp3pAvKqWCdTH
lFTdtrU6D6Nda1T2AyjVMFWj/XoOX9ELRYzvL2dVgjlAy2/a3MLGH4Z/oH/7ctdG
fpBNnZYFJp7/byxawGGSj2cS2NPWUsqxtxBfCQKUQy6rxpAF6qvazjSTFy/VOSHv
U6XVUAo/16a7F8Vtm54bMQPg9t7YmEqq05q/blXmbAQzo56tjVBPkPTA/Yd06ITm
TdYU1oIQ+VHYisMYFLxDkYKQwOg=
=hRtz
-----END PGP PUBLIC KEY BLOCK-----
    

Whitehat Hall of Fame

We maintain a list of all Whitehat Security Researchers who help us find a fix vulnerabilities.  Special thanks goes out to all these researchers!

Streamline your subscription management and recurring billing. Get started today!